Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2563

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-2563
Last Modified 07 Mar 2011 09:36:30
Published 29 May 2006 12:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2563

Summary

The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.

Vulnerable Systems

Application

  • Php 4.4.2

  • Php 5.1.4


References

VUPEN - ADV-2006-2055

BID - 18116

XF - php-curl-safemode-bypass(26764)

SUSE - SUSE-SA:2006:052

SUSE - SUSE-SR:2006:022

MANDRIVA - MDKSA-2006:122

SECTRACK - 1016175

SREASON - 959

SREASONRES - 20060526 cURL Safe Mode Bypass PHP 4.4.2 and 5.1.4

SECUNIA - 22039

SECUNIA - 21847

SECUNIA - 21050

SECUNIA - 20337


Last Updated: 27 May 2016 10:42:40